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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^] Responsive to communication(s) filed on 30 September 2003 . 
2a)D This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-21 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) Q Claim(s) is/are allowed. 

6) E3 Claim(s) 1-21 is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) £3 The specification is objected to by the Examiner. 

10)^ The drawing(s) filed on 30 September 2003 is/are: a)l3 accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 

3-D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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Art Unit: 21 16 

Specification 

The disclosure is objected to because of the following informalities: 

On pages 9 and 10, paragraph 0028, lines 3, 4, and 7 recite "signal-bearing media" 

whereas claim 15, line 1, recites "computer program product, residing on a computer usable 

medium". 

Appropriate correction is required. 

Double Patenting 

The nonstatutory double patenting rejection is based on a judicially created doctrine 
grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or 
improper timewise extension of the "right to exclude" granted by a patent and to prevent 
possible harassment by multiple assignees. A nonstatutory obviousness-type double 
patenting rejection is appropriate where the conflicting claims are not identical, but at least 
one examined application claim is not patentably distinct from the reference claim(s) because 
the examined application claim is either anticipated by, or would have been obvious over, the 
reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); 
In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Long/, 759 F.2d 887, 
225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 
1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 
F.2d 528, 163 USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may 
be used to overcome an actual or provisional rejection based on a nonstatutory double 
patenting ground provided the conflicting application or patent either is shown to be 
commonly owned with this application, or claims an invention made as a result of activities 
undertaken within the scope of a joint research agreement. 

Effective January 1 , 1994, a registered attorney or agent of record may sign a terminal 
disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 
3.73(b). 

Claims 1-3, 7-10, 14-17, and 21 are provisionally rejected on the ground of 
nonstatutory obviousness-type double patenting as being unpatentable over claims 1 and 2 
of copending Application No. 10/698,208. Although the conflicting claims are not identical, 
they are not patentably distinct from each other because the limitations in claims 1-3, 7-10, 


14-17, and 21 are disclosed in claims 1 and 2 of copending Application No. 10/698,208. 
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Claims 1-3, 7-10, 14-17, and 21 are nearly identical to claims 1 and 2 of copending 
Application No. 10/698,208 except that claims 1-3, 7-10, 14-17, and 21 in the current 
application recite "a method, a system, and a computer program product for managing a 
secure network boot of a server blade", whereas claims 1 and 2 of copending Application No. 
10/698,208 recite "a service for managing a secure network boot of a server blade". The 
referred claims encompass any one of "a method, a system, a computer program product, 
and a service for managing a secure network boot of a server blade". 

This is a provisional obviousness-type double patenting rejection because the 
conflicting claims have not in fact been patented. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made to a 
person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 
USPQ 459 (1966), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 
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Claims 1-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over Frye, 
JR., US Paten Appl. Pub. Num. 2003/0126426, in view of Schell et al., US Patent Num. 
6,314,520, and further in view of Pan etal., US Patent Appl. Pub. Num. 2004/0081104. 

Re claims 1, 8, and 15, Frye discloses a method, a system, and a computer program 
product for managing a secure network boot, the method, system, and computer program 
product comprising: 

broadcasting a request for a boot program from a server to a network of management 
servers (paragraph 0008, lines 8-15, paragraph 0018, lines 11-24, FIG. 2, 112, 114, two 
separate 120 - i.e. plurality of management serves in a network); 

receiving a response to the request for the boot program, the response being from a 
responding management server on the network of management servers, the response 
containing directions to a boot program server (paragraph 0019, lines 1-7, lines 25-30, 
paragraph 0044, lines 3-9, FIG. 2, 115, 120, 130); 

transmitting the response from the responding management server to the server, and 
downloading a boot program from a boot program server specified by the responding 
management server (paragraph 0019, lines 25-30, paragraph 0020, lines 1-22, paragraph 
0022, lines 10-16, paragraph 0023, lines 4-8) 

Frye fails to disclose storing a list of trusted management servers, comparing an 
identity of the responding management server with a list of trusted management servers, and 
upon verifying that the responding management server is on the list of trusted management 
servers, 

transmitting the response from the responding management server (this step was 
addressed by Frye as indicated above and was added here for clarity). 
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Schell teaches a networked client/server computer system configured to establish a 
trusted workstation (column 1, lines 20-22). Schell further teaches each workstation having a 
network interface card (NIC), which establishes a trusted connection between the workstation 
and the server (column 3, lines 62-65, FIG. 1,14, 20) through which the workstation 
communicates with the server over the computer network (column 4, lines 5-7, FIG. 1,12, 
14). In addition, Schell further teaches the NIC card containing a trusted computing base 
(TCB) extensions that provide for securely booting the workstation, the "TBC extensions" 
referring to extensions of the server's TCB that operate as part of the workstation's network 
trusted computing base (column 2, lines 3-11) (i.e. database of trusted servers contained on 
the NIC). Schell also teaches an address confirmation circuit, wherein upon receipt of a 
packet, the source address of the received packet is compared for verification that it was sent 
from an authorized server (i.e. identity verification) (column 2, lines 30-35, column 3, lines 6- 
1 1 , column 4, line 64- column 5, line 2, column 5, lines 1 3-22). In Schell, the pre-boot 
modules are downloaded to the workstation from known trusted servers only (column 2, lines 
50-54, column 3, lines 45-49) after meting the identity verification criteria. Thus, the security 
of the information stored on a client/server is ensured (column 1, lines 56-59). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to use the system and method of storing a trusted computing base (TCB) extension 
corresponding to trusted boot servers within a NIC used for communication over a network, 
the process or identity comparison and verification of the received network packets, and 
based upon that comparison downloading pre-boot modules to the client machine from 
trusted servers, as suggested by Schell with the method, system, and computer program 
product disclosed by Frye in order to implement storing a list of trusted management servers, 
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comparing an identity of the responding management server with a list of trusted 
management servers, and upon verifying that the responding management server is on the 
list of trusted management servers, transmitting the response from the responding 
management server. One of ordinary skill in the art would be motivated to do so in order to 
ensure security of the information being downloaded to the server blade. 

Frye and Schell fail to disclose the method, system, and computer program product for 
managing a secure network boot (addressed above) of a server blade, the server blade being 
in a blade chassis that has multiple server blades, the blade chassis including a switching 
means allowing the server blade to communicate with a network. 

Pan teaches a blade server having a rack with several chassis where the sever blades 
within each chassis communicate with each other and with the network through network 
switches (paragraph 0015, lines 3-10, FIG. 1, 10, 12, 14, 16, 20). In Pan, the network 
switches incorporate a PXE configuration agent used for secure automatic download of a 
configuration image during power or boot up of the blade server (paragraph 0017, lines 1-21, 
paragraph 0018, lines 1-9, paragraph 0010, lines 1-4). Thus, configuration time is saved and 
erroneous downloads are prevented (paragraph 0010, lines 4-12). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to use the blade server architecture incorporating network switches allowing the 
server blades to communicate with the network and the method of secure download of 
configuration images, as suggested by Pan with the with the method, system, and computer 
program product disclosed by Frye and Schell in order to implement managing a secure 
network boot of a server blade, the server blade being in a blade chassis that has multiple 
server blades, the blade chassis including a switching means allowing the server blade to 


u 
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communicate with a network. One of ordinary skill in the art would be motivated to do so in 
order to save configuration time and prevent erroneous downloads to the server blade. 

Re claims 2, 9, and 16, Schell further teaches the method, system, and computer 
program product, further comprising: 

upon determining that the responding management server is not on the list of trusted 
management servers, blocking the transmittal of the response from the responding 
management server to the server blade (column 5, lines 20-22). 

Re claims 3, 10, and 17, Frye and Schell further disclose the method, system, and 
computer program product as per claims 2, 9, and 16, further comprising: 

upon determining that the responding management server is not on the list of trusted 
management servers (Schell, column 5, lines 20-22), generating an alert to a designated 
administrator server of the presence of an unauthorized management server on the network 
of management servers (Frye, paragraph, 0047, lines 1-22). 

Re claims 4, 11, and 18, Pan further teaches the method, system, and computer 
program product, wherein the switching means is an Ethernet switch (paragraph 0015, line 
8). 

Re claims 5, 12, and 19, Pan further teaches the method, system, and computer 
program product as per claims 4, 1 1, and 19, wherein the comparing step is performed by 
configuring the Ethernet switch to perform Layer 3 packet filtering to identify Pre-boot 
Execution Environment/Bootstrap Protocol (PXE/BootP) traffic, wherein Layer 3 is a network 
layer of the seven layers of the Open System Interconnection (OSI) model (paragraph 0016, 
lines 1-4, paragraph 0017, lines 1-21, paragraph 0018, lines 1-9). 
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Re claims 6, 13, and 20, Schell further teaches the method, system, and computer 
program product, further comprising: 

upon determining that the responding management server is not on the list of trusted 
management servers, downloading a boot program from a known trusted boot server in a 
secure local area network LAN. 

[Schell does not specifically state upon determining that the responding management 
server is not on the list of trusted management servers, downloading a boot program from a 
known trusted boot server in a secure local area network LAN. However, Schell teaches 
discarding the received network packets transmitted by an unauthorized server (column 5, 
lines 20-22). Thus, it is determined that an untrusted server sent the packets and no 
download is initiated towards the client computer (i.e. determining that the responding boot 
program server is not on the list of trusted boot program servers). Only when the network 
packets are verified to be from a trusted server, the download is permitted over the LAN 
(column 3, lines 53-55, column 5, lines 13-20) (i.e. downloading a boot program from a 
known trusted boot server in a secure local area network LAN).] 

Re claims 7, 16, and 21, Frye and Schell further disclose the method, system, and 
computer program product as per claims 6, 15, and 20, further comprising: 

managing different types of boot program servers available to the server blade by 
maintaining, in an information technology services organization logically oriented between the 
different types of boot program servers and the server blade (Frye, paragraph 0022, lines 1- 
20), a permission list of boot program servers authorized for each server blade in a server 
blade chassis (Schell, column 2, lines 3-11). 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Stefan Stoynov whose telephone number is (571) 272-4236. 
The examiner can normally be reached on 8:00AM-4:30PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Lynne Browne can be reached on (571) 272-3670. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status information for 
unpublished applications is available through Private PAIR only. For more information about 
the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to 
the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 
(toll-free). 
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